Re: Some routing advice (connecting through SSH)
Hi,
On 26 Oct 2001, Adam Warner wrote:
>
> On Fri, 2001-10-26 at 01:04, George Karaolides wrote:
> >
> > Hi,
> >
> > I need a bit more info. to start thinking about your question.
>
> I'm still up, barely :-)
>
> > How do you connect from H to R? Through the Internet?
>
> Yes.
>
> > If so, does your Internet connection (that you use to connect H to the Internet) have a
> > static IP address or a dynamic one?
>
> Static, permanent connection.
Good, that makes things somewhat easier.
>
> > Another point: It seems to me as if you'll be trying to use a
> > server hosted at an ISP as a masquerading gateway for your home LAN.
>
> Hey, hold on a minute! You're _way_ off base. What? Server hosted at an
> ISP? No!
>
> > You
> > may well be able to do it, and the ISP may well not catch you at it,
> > for a while anyway, but if the ISP sees this as violating the service
> > agreement they have with whoever they're hosting the server for (you?) and
> > they do find out, you are in for trouble.
>
> For what? I won't be in trouble for anything. Please don't jump to
> conclusions. If I was trying to do something naughty I wouldn't be using
> my real name (and please note that I use my real name in _all_ my
> communications).
Sorry if I offended you, but I said "It sounds like..." and "If..." I
didn't think you were delliberately trying to swindle an ISP. I had your
best interests in mind.
> Thanks anyway for being concerned. I only want to implement a very
> limited system for only specific browser traffic so I can perform
> searches on databases accessible at my Institution from my home computer
> (just like having a remote desktop, but as I say I'd like it to be more
> efficient). And I discussed it with my Department's computer support
> (his suggestion was to tunnel X through SSH). Even though I've never
> done that before I'd like to try and do it more efficiently (and also
> work more productively--If you go to save a document on a remote desktop
> it has only been saved to that computer. Then I'd need to use something
> like sftp to download it to my computer. Much better if I could operate
> as if I was at that machine).
>
> > The traffic won't be difficult
> > to spot; servers are expected to be serving out a lot of stuff, not to
> > have a lot of incoming traffic.
>
> Did I say there would be a lot of traffic or did I specifically say "for
> just some chosen traffic"? My Institution will be able to see all
> traffic going to my "R" computer. I would be very foolish to route
> personal traffic through my Institution's network.
Sorry again, I didn't get exactly what you were trying to do from
your first message.
Now to determine some more facts about the network geometry. I assume
that machine R at your institution has one interface connected to the
Internet, with a public IP address, and one on the institution's LAN with
a private IP address. Also, that the services you want to access are
also on the institution's LAN and also have private IP addresses. Is that
correct?
Best regards (it's still afternoon here),
George Karaolides 8, Costakis Pantelides St.,
tel: +35 79 68 08 86 Strovolos,
email: george@karaolides.com Nicosia CY 2057,
web: www.karaolides.com Republic of Cyprus
Reply to: